Hackers Can Make $250,000 Selling iOS Exploits To The Government

Nicholas Allegra, or "Comex," created iOS jailbreaks that were downloaded by millions of people. Apple finally decided to hire him as an intern last year.

iOS hackers are some of the most sought after individuals in the security research community. Geniuses like Comex who come up with jailbreaks used by millions of iPhone and iPad users are offered incredible sums of money to sell their exploits to powerful and high profile clients.

Sure, you could win a decent amount of cash at a security conference for showing off the exploits you’ve uncovered, but why not make $250,000 and secretly sell your stuff to say, an entity like the U.S. government?

That’s exactly what a security researcher/middle man by the pseudonym of “Grugq” did for an unnamed iOS hacker. Located in Bangkok, Grugq made 15% commission off negotiating a $250,000 deal with a contact in the U.S. government. Grugq facilitated the transaction of the exploit information from the hacker in exchange for the 6-figure payout from the client.

That iOS exploit price represents just one of the dozens of deals the Grugq has arranged in his year-old side career as a middle man for so-called “zero-day” exploits, hacking techniques that take advantage of secret vulnerabilities in software. Since he began hooking up his hacker friends with contacts in government a year ago, the Grugq says he’s on track to earn a million in revenue this year. He arranged the iOS deal last month, for instance, between a developer and a U.S. government contractor. In that case, as with all of his exploit sales, he won’t offer any other details about the buyer or the seller.

Even with the $250,000 payout he elicited for that deal, he wonders if he could have gotten more. “I think I lowballed it,” he wrote to me at one point in the dealmaking process. “The client was too happy.”

Andy Greenberg from Forbes has put together a rundown of how much the average exploit sells for these days. The different price ranges are arranged by platform:

Windows exploits have always sold for more because of Microsoft’s larger market share presence in the PC space. Since Macs still only represent a fraction of desktop PCs sold every year, it’s much more cost-effective to create malware for the OS that the most people are using. You don’t see many viruses in the wild for OS X because there hasn’t been enough reason to target the platform.

What’s more surprising about Greenberg’s calculations is how little Android exploits are sold for in comparison with iOS. In fact, the average iOS exploit is worth far more than even a Windows exploit. It makes sense that browser are high up on the list, as they run on multiple platforms (for the most part) and serve as gateways to the internet. iOS, on the other hand, is the crème de la crème of platforms if you’re looking to sell an exploit.

Apple keeps iOS locked down tight. That’s why new jailbreaks always get so much coverage — they are feats of masterful hackery. Comex, the maker of the once-popular JailbreakMe tool for iOS 4.0, was reportedly offered 6 figures by multiple agencies to sell his iOS exploit. He ended up interning at Apple to help the company fortify the very platform he reverse engineered.

The people that make jailbreaks and find these kinds of exploits typically do security research work and consulting on the side. It’s a very lucrative, professional market that brings in millions and millions of dollars. Think about that next time you’re jailbreaking your iPhone.